Solr 7.2.1 Security

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Solr 7.2.1 Security


We are using Solr Cloud with Sol 7.2.1 with external 3 node Zookeeper
quorum. I had look at the Basic AuthN and Role based authorization and
Enabling SSL. I have few questions at architectural level and requires your

1. Is it possible to do expose the read solr queries and real time GET have
it un-authenticated? and more critical admin functions (manage collections,
backup, etc) alone be available for privileged users?
2. Is it possible to do Collection level authorization? Like have a
separate user who has privilege to do Add, Delete, Modify a "specific"
collection? or should i actually create a separate Solr cluster to do this.
3. I see the documentation for enabling SSL (, is there any
steps for this with certificates provided by certifying authority? say
thawte, digicert, etc